vBulletin hack exposes 820,000 accounts from 126 forums

Nearly 820,000 forum accounts leaked following an attack taking advantage of a critical vulnerability in the older versions of vBulletin, one of the widely used Internet forum software.

A hacker going by CrimeAgency on Twitter claims to have hacked 126 forums running on vBulletin, stealing personal data belonging to forum admins and registered users, before leaking everything to an underground hacking forum.

The information was verified by breach notification platform Hacked-DB after they managed to scan the data. The attack was conducted between January and February 2017. The hacker managed to get his hands on 819,977 user accounts, including email addresses, hashed passwords, as well as 1681 unique IP addresses. Most of the accounts were linked to Gmail - over 219,000, followed by 121,000 Hotmail accounts and 108,000 Yahoo accounts.

The hacker seems to have used multiple security vulnerabilities reported to vBulletin a while back. The issues have been fixed on the latest versions of the software, but the exploit still works on forums that haven't bothered to update. Considering at least one of the issues dates back to last summer, this is sheer negligence or simple carelessness. Checking which websites use vBulletin is quite easy, such as running Google Dorks, an exploit database. It's just as easy to see which software versions they use and where to attack.

"Wide range of forums"

This isn't the first time vBulleting forums have fallen victim to hackers, and it certainly won't be the last. While you may not really care whether your forum data has been stolen, you may care that your email account can be seen and maybe even hacked. The complete list of forums that were affected by the hack can be found in a Pastebin and includes boards dedicated to artists, games, torrent sites, politics and adult movies, to name a few.